Holder Binding definition dilemma #26
Comments
Imported from AB/Connect bitbucket - Original Commenter: KristinaYasudaI am starting to think that biometrics-based holder binding is separate from cryptographic and claim-based holder binding. With biometrics-based, there is an element of authentication, and “binding” to a physical huma being that is actually using the wallet SW. while in the latter two, verifier can only know that there is only binding to something stored suing wallet SW… I think I am also saying that when biometrics-based holder binding is used authentication event (ie ID Token) should be returned |
|
I would suggest changing a term Holder binding to key binding, like SD-JWT did here and define it as the following:
|
Imported from AB/Connect bitbucket: https://bitbucket.org/openid/connect/issues/1914
Original Reporter: peppelinux
Dear friends and authors, I read in the OpenID4VCI specs the definition of Holder Binding as follows
”Holder Binding: Ability of the Holder to prove legitimate possession of a Verifiable Credential.”
I assume that the statement above refers to the Proof of Possession, carried out by the Holder during the presentation stage, as an ability of the Holder of doing that.
Differently, thinking about Holder Binding, the following definition comes to mind
"characteristic or attribute of a credential, inseparable from it and resistant to tampering, which uniquely links a Verifiable Credential to the entity who requested it and of which it is the legitimate Holder"
The text was updated successfully, but these errors were encountered: